Before the launch, all smart contracts had passed an independent security audit. In addition, the security of the smart contracts have been publicly tested via a “bounty test” offered and sponsored by the Bank. All tokens have been created and distributed to “Cold” wallets before the public announcement of the Airdrop ICO in accordance with the “Smart Contract Initiation” paragraph.
The storage concept applied by the Bank implements highest security standards. The principles of storage are the following:
- the hardware devices keeping private keys to addresses, which are able to manage multi-signature smart-contract wallets, PIN-codes and paper Recovery Seeds are kept in safe boxes at reliable third party banks;
- the security of the internet connection of Hot wallets is ensured by the Bank's common IT security system;
- a specific distribution of access rights to private address keys through hardware devices have been created;
- the segregation of Dukascoins owned by clients and by the Bank have been provided;
- 4 to 6 eyes principle for the creation of transactions have been applied;
- one time addresses for receiving Dukascoins from clients have been created;
- Clients are informed in real time about the amount of their Dukascoins in custody through online reporting.
To mitigate regulatory risks and risks related to money laundering, all clients operating with Dukascoins within the Bank will be subject to regular AML/KYC procedures of the Bank. The Bank will not accept any transfers of Dukascoins involving non-identified third parties. Any client willing to withdraw Dukascoins to an external wallet will have to confirm that they are the only ultimate beneficial owner of that wallet. The Bank continually will improve the screening of operations with Dukascoins according to the best industry practices.
The Bank will duly test third party service providers selected for cooperation in order to find and apply the highest professional standards.